SK Telecom to Face Fine for Delayed Data Breach Report and Ordered to Waive Cancellation Fees

Seoul: The South Korean government announced on Friday that it will impose a fine on SK Telecom Co. for its delayed reporting of a data breach that affected all 25 million of its users. The telecom giant has also been ordered to waive customer cancellation fees, concluding a two-month investigation into one of the most severe data leak incidents in the nation's history.

According to Yonhap News Agency, SK Telecom reported the breach in April, revealing that universal subscriber identity module (USIM) data might have been compromised during a cyberattack targeting its servers. An inspection of the company's 42,605 servers uncovered 28 infected with 33 types of malicious code, as stated by the Ministry of Science and ICT in a press release.

The ministry identified poor account information management, inadequate responses to previous security incidents, and insufficient encryption of critical information as primary factors that contributed to the malware infection. It was also discovered that SK Telecom had detected malware on its servers as early as February 2022 but failed to report these findings to the authorities, as required by law.

For the company's failure to report the breach promptly, the ministry plans to levy a fine of less than 30 million won (approximately US$21,600) and will conduct further investigations into the alleged breach of a data preservation order. Science Minister Yoo Sang-im described the incident as a critical alert for both the telecommunications industry and the broader network infrastructure sector. Yoo urged SK Telecom to address the identified weaknesses and prioritize information security.

The investigation's findings highlight the evolving nature of cyber threats, particularly as they integrate with artificial intelligence (AI) technologies. In the wake of the breach, more than 660,000 subscribers opted to cancel their SK Telecom services and moved to competitors KT Corp. and LG Uplus Corp.

The government specified that the cancellation fee waiver applies solely to SK Telecom in this instance and does not establish a precedent for all cyberattack cases. SK Telecom resumed new subscription services on June 24, after a government-mandated suspension. To mitigate potential identity theft and financial fraud, the company has been offering free USIM card replacements since April.

To prevent future incidents, SK Telecom has been directed to submit follow-up action plans by the end of the month, with government inspections scheduled for November or December. The ministry has also declared that if further measures are deemed necessary, a correction order will be issued.

Furthermore, SK Telecom is required to appoint a chief information officer (CIO) responsible for overseeing all corporate assets and implementing IT asset management solutions.